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EXAMINER'S AMENDMENT 

An examiner's amendment to the record appears below. Should the changes and/or 
additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 
1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the 
payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview with 
Ryan T. Grace (Reg. No. 52,956) on 1 1/20/2006. 



The application has been amended as follows beginning on the following page: 
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1 .' (Currently amended) A computer-implemented method for maintaining 
configuration information on a mobile device, comprising: 

receiving a message, wherein the message identifies the source of the message and 
changes to settings of the mobile device; 

identifying, by a push router of the mobile device, the source of the received message, 
wherein the push router associates assigns a security role with to the received message based cm 
the identified source of the received message and inserts an identifier into the received message 
to identify the associat e d assigned security role; 

passing the message to a configuration manager; 

parsing, by the configuration manager, the message to identify at least one configuration 
service provider, among a plurality of configuration service providers, responsible for the 
settings identified in the message; 

determining whether the assigned security role of the message, assigned by the push 
router, is sufficient to invoke the identified configuration service provider; 

failing the transaction when the assigned security role of the message is not sufficient; 

passing the message to the configuration service provider when the assigned security role 
of the message is sufficient, wherein the identified configuration security provider determines 
whether the assigned security role of the message is sufficient for settings associated with the 
configuration service provider; 

failing the transaction when the assigned security role of the message is insufficient for 
the settings; and 

performing the changes to the settings of the mobile device when the configuration 
service provider determines that the security role of the message is sufficient. 

2. (Cancelled) 



3 . (Previously presented) The computer-implemented method of claim 1 , wherein 
the source of the message is identified from authentication and decryption of the received 
message. 
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4. (Previously presented) The computer-implemented method of claim 1 , wherein 
the message includes a shared key that identifies the source of the message. 



5. (Previously presented) The computer-implemented method of claim 1 , wherein 
determining whether the assigned security role of the message, assigned by the push router, is 
sufficient to invoke the identified configuration service provider further comprises comparing the 
assigned security role of the message to an assigned security role of the configuration service 
provider. 



6-7. (Cancelled) 



8. (Currently amended) A computer-readable storage medium having computer- 
executable components for managing security on a mobile device, comprising: 

a stored setting having an assigned security role that identifies a privilege that an entity 
attempting to access the stored setting must satisfy in order to access the stored setting; 

a router, of the mobile device, configured to receive a configuration message over a 
wireless communication link, the router being further configured to identify a source of the 
configuration message and insert a security role identifier into die received configuration 
message based on the identified source, the router being further configured to pass the 
configuration message to other components of the mobile device, the configuration message 
including an instruction that affects a configuration setting; 

a configuration manager, of the mobile device n configured to receive the configuration 
message from the router and to parse the configuration message to identify a configuration 
service provider^ of the mobile device, responsible for the instruction, wherein the configuration 
manager passes the configuration message to the configuration service provider when the 
assigned security role of the configuration message provides a privilege to access the 
configuration service provider; and 

the configuration service provider being configured to receive the configuration message 
from the configuration manager, determine whether the assigned security role of the 
configuration message has sufficient privilege to access the stored setting^], and execute the 
instructions when the configuration service provider determines that the assigned security role 
has sufficient privilege to access the stored setting. 

9. (Currendy amended) The computer-readable storage medium of claim 8, wherein 
the configuration service provider is configured to manage at least one configuration setting 
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stored on the mobile device, and wherein the processing of the instruction is performed by the 
configuration service provider. 

1 0. (Currently amended) The computer-readable storage medium of claim 9, wherein 
the configuration service provider has an assigned security role that identifies a privilege that 
must be associated with an instruction that affects a configuration setting which the configuration 
service provider maintains. 

1 1 . (Currently amended) The computer-readable storage medium of claim 1 0, 
wherein die configuration manager is further configured to determine if the instruction that 
affects the configuration setting is in agreement with the security role assigned to the 
configuration service provider that maintains the affected configuration setting, and if so, the 
configuration manager is further configured to pass the instruction to the configuration service 
provider to be handled. 

12. (Currently amended) The computer-readable storag e medium of claim 1 1 , 
wherein the configuration service provider determines if the instruction is in agreement with the 
security role assigned to the stored setting prior to processing the instruction, and if not, 
terminating the processing of the instruction. 

1 3 . (Currently amended) A computer-readable storage ; medium having computer- 
executable instructions for maintaining configuration information on a mobile device, 
comprising: 

receiving a configuration message, wherein the configuration message includes a header 
field that identifies a source and an instruction field that identifies a configuration setting on the 
mobile device; 

identifying, by a push router of the mobile device, the source of the received 
configuration message from the header field, wherein the push router inserts a security role 
identifier into a security role field of the received configuration message, wherein the security 
role is based on the identified source of the received configuration message; 

passing the configuration message to a configuration manager of the mobile device : 
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parsing, by the configuration manager, the configuration message to identify at least one 
configuration service provider of the mobile device , among a plurality of configuration service 
providers, responsible for the setting identified in the configuration message; 

determining whether the inserted security role identifier of the configuration message, 
assigned by the push router, is sufficient to invoke the identified configuration service provider; 

failing the transaction when the inserted security role identifier of the configuration 
message is not sufficient; 

passing the message to the configuration service provider when the inserted security role 
identifier of the configuration message is sufficient, wherein the identified configuration security 
provider determines whether the inserted security role identifier of the configuration message is 
sufficient for the setting associated with the configuration service provider; 

failing the transaction when the inserted security role identifier of the configuration 
message is insufficient for the setting; and 

performing the changes to the setting of the mobile device when the configuration service 
provider determines that the inserted security role identifier of the configuration message is 
sufficient. 

14. (Cancelled) 

15, (Currently amended) The computer-readable storage medium of claim 13, 
wherein the source of the message is identified from authentication and decryption of the 
received message, 

16. (Currently amended) The computer-readable storage medium of claim 13, 
wherein the configuration message includes a shared key that identifies the source of the 
configuration message. 

17, (Currently amended) The computer-readable storage medium of claim 13, 
wherein determining whether the inserted security role identifier of the configuration message, 
assigned by the push router, is sufficient to invoke the identified configuration service provider 
further comprises comparing the inserted security role identifier of the configuration message to 
an assigned security role of the configuration service provider. 
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The following is an examiner's statement of reasons for allowance: The closest prior art, 
Patent Number 6,148,342 to Ho, disclosed a similar method for accessing data wherein a request 
was received, a sender was identified and a security role was inserted in the request based on the 
identified sender, passing the request on to another device which analyzed the request and the 
security role in order to determine if the request could be permitted, and if so passed the message 
on to a final device which again determined if access would be permitted based on the request 
and the security role and if so would process the request. However, Ho disclosed this method in 
a multiple device system and the examiner has found no motivation to incorporate such a method 
into a single mobile device for altering configuration information of the mobile device. 

Any comments considered necessary by applicant must be submitted no later than the 
payment of the issue fee and, to avoid processing delays, should preferably accompany the issue 
fee. Such submissions should be clearly labeled "Comments on Statement of Reasons for 
Allowance." 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Matthew T. Henning whose telephone number is (571) 272-3790. 
The examiner can normally be reached on M-F 8-4. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 




Matthew Henning 
Assistant Patent Examiner 
Art Unit 2131 
11/21/2006 ' 
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